Volterra adheres to industry standard compliance certifications and security regulations to earn our customers’ trust
Compliance at Volterra

Volterra has achieved Payment Card Industry (PCI) Data Security Standard (DSS) Level 1 compliance, the highest and most stringent level of compliance.
Volterra's Voltmesh service that includes Reverse Proxy, Load-balancer, Web Application Firewall (WAF), and Distributed Denial of Service (DDOS) on Volterra’s Application Delivery Network (ADN) is PCI DSS Level 1 compliant.
Volterra is audited annually by a third-party Qualified Security Assessor QSA. Volterra's Attestation of Compliance is available upon request.

Volterra's commitment to GDPR compliance
Our mission is to deliver “Universal Cloud Access” to all users, and we believe the protection of our customers' and their end users' data is fundamental to this mission.
We minimize our collection of personal data and only use personal data for the purpose for which it was collected. We have committed that we would keep personal information private, so we have never sold or rented our users’ personal information to anyone.

Volterra's commitment to CCPA compliance
California's data privacy act is a governmental framework designed to help safeguard consumers' sensitive personal information.
Volterra has been adhering to strict standards for our users’ data, as outlined in the GDPR section, even before CCPA went into effect. In addition, Volterra’s patent pending Blindfold technology empowers customers to use their secrets (credentials, certificates) on our platform without giving us access to the secret.

What is PCI-DSS compliance?
Volterra’s PCI-DSS Certification
Benefit to our Customers
For e-commerce merchants, payment service providers, and more generally any customer that stores, transmits, or accepts cardholder data, Volterra’s Level 1 certification will greatly facilitate our customers’ own PCI DSS compliance.
Furthermore by using Volterra’s VoltMesh services that includes a web application firewall (WAF), it will help our customers meet their own PCI requirement 6.6.
Lastly by complying to the arduous requirements of PCI DSS, we are providing to all our customers an independent and industry-accepted security review of our processes, policies, infrastructure, and software development methodology.

What is GDPR compliance?
Volterra's commitment to GDPR compliance
At Volterra, our mission is to deliver “Universal Cloud access” to all users, and we believe the protection of our customers' and their end users' data is fundamental to this mission. We have adhered to stringent standards w.r.t end users’ data even before Europe’s watershed General Data Protection Regulation (GDPR) went into effect in 2018, We minimize our collection of personal data and only use personal data for the purpose for which it was collected. We have committed that we would keep personal information private, so we have never sold or rented our users’ personal information to anyone.
We have always followed the guidelines outlined by GDPR
- Only collect the personal data needed to provide the service offered.
- Don’t sell personal information.
- Give people the ability to access, correct, or delete their personal information.
- Consistent with our role as a data processor, give our customers control over the information captured by our products such as web application firewall (WAF).
As data protection is an ever-evolving environment, we continue to monitor ongoing developments globally and will update this page as appropriate.If you have any further questions about about how we process data on behalf of our customers in a GDPR compliant fashion please reach out to us at support@volterra.io.

California Consumer Privacy Act (CCPA)
Volterra's commitment to CCPA compliance
Volterra has been adhering to strict standards for our users’ data even before CCPA went into effect. We minimize our collection of personal data and only use personal data for the purpose for which it was collected. We have committed that we would keep personal information private, so we have never sold or rented our users’ personal information to anyone. We give people the ability to access, correct, or delete their personal information; and consistent with our role as a data processor, give our customers control over the information captured by our products.
In addition, Volterra’s patent pending Blindfold technology enables customers to use their secrets (credentials, passwords, certificates) on our platform without giving us access to the secret. We put on our Blindfolds when handling your secrets, so that your secrets remain a secret.
If you have any further questions about about how we process data on behalf of our customers in a CCPA compliant fashion please reach out to us at support@volterra.io.